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" The MAILING DA TE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

• Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

• If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply wrill, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

!)□ Responsive to communication(s) filed on . 

2s)M This action is FINAL. 2b)n This action is non-final. 

3) n Since this application is in conijition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex pa/te Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) 13 Claim(s) 7-23 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) S Claim(s) 18-23 is/are allowed. 

6) 13 Claim(s) 1-17 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing{s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action orfonn PTO-152. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a daim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)n Ail b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 



3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Claim Rejections - 35 USC §102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent iinless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

2. Claims 1-17 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Rallis(6,216,230). 

3. As per claims 1,12, Rallis discloses a method of securing a token from unauthorized 
use(see col. 2, lines 52-56), including the steps of: receiving a first message transmitted from a 
host processing device an addressed to a PIN entry device according to a universal serial bus 
(USB) protocol (see col. 1, lines 49-54), the pin entry device communicating with the host 
processing device and being different from a keyboard associated with the host processing 
device(see col. 1, lines 49-54); accepting a PIN entered into the PIN entry device(see fig. lA, 
sheet 1, col. 1, lines 49-52); and transmitting a second message including at least a portion of the 
first message and the PIN from the PIN entry device to the token along a secure communication 
path(see col. 1, lines 54-59). Further, as per claim 12, Rallis discloses the second message being 
transmitted from the pin entry device to the token along the secure communication path(see col. 
2, lines 48-60). 
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4. As per claim 2, Rallis discloses the first message is received in the PIN entry device(see 
col. 1, Unes 51-54); and the second message is transmitted from the PIN entry device directly to 
the token along the secure communication path(see col. 1, Unes 60-67, col. 2, lines 52-56). 

5. As per claim 3, Rallis discloses the step of receiving the first message transmitted from a 
host processing device and addressed to a PIN entry device(see col 1, Unes 51-59), includes 
receiving the first message in a USB-compUant hub, inherent, because Rallis discloses a USB 
port(14)(see fig, lA, sheet l)(see col. 2, Unes 35-43, 52-56), communicatively coupled to the 
host processing device via a first communication path(see fig. lA, sheet 1, col. 1, lines 49-59); 
transmitting the first message to the PIN entry device communicatively coupled to the USB- 
compliant hub, inherent, because Rallis discloses a USB port(14)(see fig. lA, sheet 1, col. 1, 
lines 49-54); and the step of transmitting the second message comprising the portion of the first 
message and the PIN and at least a portion of the first message from the PIN entry device to the 
token along a secure communication path, transmitting a second message from the pin entry 
device via the USB hub(see col. 1, lines 49-67, col. 2, lines 35-43). 

6. As per claim 4, Rallis discloses wherein the step of transmitting the second message from 
the PIN entry device via the USB-compHant hub includes the steps of transmitting a third 
message comprising the PIN from the PIN entry device to the USB-compliant hub; processing 
the message in the USB-conqDliant hub to produce the second message; and transmitting the 
second message from the USB-compliant hub(see col. 1, Unes 49-67). The Examiner asserts that 
the third message is whether the pin is correct or not. 

7. As per claim 5, Rallis discloses wherein the signal received from the host processing 
device is generated in an API interface, is inherent in Rallis because Rallis discloses messages 
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that are both sent and received by the token and host processing device(i.e. notebook)(see col 2, 
lines 48-56). 

8. As per claims 6, 13, Rallis discloses the first message is encrypted according to a first 
encryption key; and the pin entry device comprises a decryption module having access to the 
first encryption key for decoding the first message(see col. 1, lines 37-67). 

9. As per claim 7, Rallis discloses wherein the second message is transmitted to the token 
according to an USB-compliant protocol(14)(see fig. lA, sheet l)(see col 1, lines 49-59). 

10. As per claims 8, 15, Rallis discloses wherein the second message is encrypted according 
to a second encryption key and the token comprises a decryption module having access to the 
second encryption key(see col. 3, lines 49-67, col. 4, lines 1-11). 

11. As per claim 9, Rallis discloses wherein the step of transmitting the second message fi-om 
the PESf entry device to the token further comprises the step of encrypting the second message 
according to a second encryption key stored in the PIN entry device and the token; and 
transmitting the encrypted second message to the token(see col. 3, Unes 49-67, col. 4, Unes 1-11, 
17-24). 

12. As per claim 10, Rallis discloses wherein the first message is a message transmitted fi*om 
the host-processing device to authorize a transaction (see col. 1, lines 49-51). The Examiner 
asserts that the first message is the message that prompts the user to connect the key device(i.e. 
token to the host(i.e. notebook). 

13. As per claim 11, Rallis et al. discloses wherein the first message is a message transmitted 
fi-om the host processing device to authenticate a user of the token(see col. 1, lines 49-54). 
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14. As per claim 14, Rallis discloses wherein the module is a software module having 
instructions stored in a memory accessible to the processor(see col. 2, lines 61-67, col. 2, lines 1- 
19). 

15. As per claim 16, Rallis discloses wherein the second module is a software module having 
instructions stored in a memory accessible to the processor(see col. 2, lines 61-67, col. 2, lines 1- 
19). 

16. As per claim 17, Rallis discloses wherein the PIN entry device fiirther includes an output 
device for prompting the user to enter the PIN(see col. 1, Unes 49-54). 

token(see col. 1, lines 49-59). 

17. As per claims 18-23 are allowable for the features of, the hub accepting the pin and 
generating a message, which is sent to the token. In the prior art of security and networking, 
prior art fails to disclose or suggest, a USB hub intercepting a message and redirecting it to a 
different USB device to which the message was originally addressed. 

Response to Amendment 

18. The Applicant states Rallis does not disclose the pin entry device that communicates with 
the host-processing device is different from a keyboard associated with the host-processing 
device. The Examiner disagrees with the Applicant. The Examiner asserts that Rallis does not 
disclose the pin being entered through the keyboard of the host-processing device. Rallis 
discloses the user is prompted to connect the key device to the conputer(see col. 1, lines 51-52). 
The user is prompted to enter a pin(see col. 1, lines 52-53). Rallis discloses that the user 
validation process does not take place until the key device is connected to the conputer(see col. 
1, lines 49-53). 
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1 9. The Applicant states that Rallis does not teach the use of a separate and distinct pin entry 
device. The Applicant states that the user inputs the pin using the laptop computer. The 
Examiner disagrees with the Applicant, the same remarks above apply. 

20. The Applicant states that the pin is not sent to the token. The Examiner disagrees with 
the Applicant. Rallis discloses that the key device(i.e. token) returns response messages a serial 
number and an encryption key(see col. 2, lines 51-56). 

21. The Applicant states that independent claims 18 and 20 have been amended to show that 
the hub is what intercepts the message sent to the token and redirects it to the pin entry device. 
The Applicant remarks in regards to claims 18 and 20 are persuasive, and overcome prior art of 
Rallis. Thus claims 18-23 are allowable. 

Final Action 

22. TfflS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E. Jackson whose telephone number is (571) 272-3791. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 pm) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or PubUc PAIR. Status information for unpublished 
appUcations is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct, uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




April 26, 2005 




AYAZ SHEIKH 
SUPERVISORY PATEMT EXAH^IWER 
" ' : CENTER 2100 



